Paul's Security Weekly Subscribe

Application security, Compliance Management

Avoiding the Silo: Bridging the Divide Between Security + Dev Teams – Brian Joe – PSW #699

June 17, 2021

Too often, developers and security teams have a siloed relationship. That separation can lead to inefficiencies and gaps in security across software development, ultimately leading to anything from bad user experiences to hits to the bottom line. How can teams bridge that gap, and evolve from gatekeepers of their own projects, to partners working in harmony toward a shared goal? In this podcast, Brian Joe will focus on the most overlooked factors in evaluating an organization’s InfoSec posture and what development and security teams can do to foster a mutually beneficial partnership and transition from a traditional security team model to a more collaborative one. In doing so, he’ll highlight the most common pitfalls of a siloed approach — and what companies can do to avoid them.

This segment is sponsored by Fastly.

Visit https://securityweekly.com/fastly to learn more about them!

Sponsored By

Fastly

Full episode and show notes

Announcements

Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit securityweekly.com/unlocked to submit your presentation & register for the early registration price before it expires!

Guest

Director of Security Product Management at Fastly

Brian Joe is the Director of Security Product Management at Fastly, where he runs the Security Product team and manages Fastly’s Security Product Portfolio. Previously, Brian led the Product and Growth functions at Signal Sciences (acquired by Fastly), and has had Product, Partnership, and Operations leadership roles at Edgecast Networks (acquired by Verizon), and Verizon Communications with over 16 years of experience in Security, Networking, Cloud, and SaaS.

Hosts

Adrian Sanabria

Principal Researcher at The Defenders Initiative

https://adriansanabria.com

Professor at Roger Williams University

https://securedigitallife.com/

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Product Security Research and Analysis Director at Finite State

@haxorthematrix

https://www.finitestate.io/

https://breakstuffforfun.com/

Related

Vulnerability Management

2024 End-of-Year News and Wrapup – ESW #388

December 19, 2024

As we wrap up the year, we have an honest discussion about how important security really is to the business. We discuss some of Katie's predictions for AppSec in 2025, as well as "what sucks" in security!

Ancient Curl Bug, AWS re:Invent, Malware in NPM, Census III Report, MS OTP – ASW #311

December 16, 2024

Curl's oldest bug yet, RCPs (and more!) from AWS re:Invent, possible controls for NPM's malware proliferation, insights and next steps on protecting top 500 packages from the Census III report, the flawed design choice that made Microsoft's OTP (successfully) brute-forceable, and more! 00:00 - Intro & Cyber Resilience Insights 01:20 - The 25-Y...

Application security

Applying Usability and Transparency to Security – Hannah Sutor – ASW #311

December 16, 2024

Practices around identity and managing credentials have improved greatly since the days of infosec mandating 90-day password rotations. But those improvements didn't arise from a narrow security view. Hannah Sutor talks about the importance of balancing security with usability, the importance of engaging with users when determining defaults, and se...